testing: Delete accidentally committed test cases

diff --git a/testing/tnccs-20-pdp-eap/description.txt b/testing/tnccs-20-pdp-eap/description.txt
deleted file mode 100644 (file)
index a178211..0000000
--- a/testing/tnccs-20-pdp-eap/description.txt
+++ /dev/null
@@ -1,12 +0,0 @@
-The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each to the policy enforcement
-point <b>moon</b>. At the outset the gateway authenticates itself to the clients by sending an IKEv2
-<b>RSA signature</b> accompanied by a certificate. <b>carol</b> and <b>dave</b> then set up an
-<b>EAP-TTLS</b> tunnel each via gateway <b>moon</b> to the policy decision point <b>alice</b>
-authenticated by an X.509 AAA certificate. The strong EAP-TTLS tunnel protects the ensuing weak
-client authentication based on <b>EAP-MD5</b>. In a next step the EAP-TNC protocol is used within
-the EAP-TTLS tunnel to determine the health of <b>carol</b> and <b>dave</b> via the <b>IF-TNCCS 2.0</b>
-client-server interface defined by <b>RFC 5793 PB-TNC</b>. The communication between IMCs and IMVs
-is based on the <b>IF-M</b> protocol defined by <b>RFC 5792 PA-TNC</b>.
-<p>
-<b>carol</b> passes the health test and <b>dave</b> fails. Based on these measurements the clients
-are connected by gateway <b>moon</b> to the "rw-allow" and "rw-isolate" subnets, respectively.

diff --git a/testing/tnccs-20-pdp-eap/evaltest.dat b/testing/tnccs-20-pdp-eap/evaltest.dat
deleted file mode 100644 (file)
index 9a477bd..0000000
--- a/testing/tnccs-20-pdp-eap/evaltest.dat
+++ /dev/null
@@ -1,29 +0,0 @@
-dave:: cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA signature successful::YES
-dave:: cat /var/log/daemon.log::PDP server.*aaa.strongswan.org.*is listening on port 271::YES
-dave:: cat /var/log/daemon.log::collected 372 SWID tags::YES
-dave:: cat /var/log/daemon.log::PB-TNC access recommendation is .*Quarantined::YES
-dave:: cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established::YES
-dave:: cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.200/32 === 10.1.0.16/28::YES
-carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA signature successful::YES
-carol::cat /var/log/daemon.log::PDP server.*aaa.strongswan.org.*is listening on port 271::YES
-carol::cat /var/log/daemon.log::collected 373 SWID tag IDs::YES
-carol::cat /var/log/daemon.log::collected 1 SWID tag::YES
-carol::cat /var/log/daemon.log::PB-TNC access recommendation is .*Access Allowed::YES
-carol::cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established::YES
-carol::cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.100/32 === 10.1.0.0/28::YES
-alice::cat /var/log/daemon.log::user AR identity.*dave.*authenticated by password::YES
-alice::cat /var/log/daemon.log::IMV 2 handled SWIDT workitem 3: allow - received inventory of 0 SWID tag IDs and 372 SWID tags::YES
-alice::cat /var/log/daemon.log::user AR identity.*carol.*authenticated by password::YES
-alice::cat /var/log/daemon.log::IMV 2 handled SWIDT workitem 9: allow - received inventory of 373 SWID tag IDs and 1 SWID tag::YES
-moon:: cat /var/log/daemon.log::received RADIUS attribute Filter-Id: 'isolate'::YES
-moon:: cat /var/log/daemon.log::RADIUS authentication of 'dave' successful::YES
-moon:: cat /var/log/daemon.log::authentication of '192.168.0.200' with EAP successful::YES
-moon:: cat /var/log/daemon.log::received RADIUS attribute Filter-Id: 'allow'::YES
-moon:: cat /var/log/daemon.log::RADIUS authentication of 'carol' successful::YES
-moon:: cat /var/log/daemon.log::authentication of '192.168.0.100' with EAP successful::YES
-moon:: ipsec statusall 2>/dev/null::rw-isolate.*10.1.0.16/28 === 192.168.0.200/32::YES
-moon:: ipsec statusall 2>/dev/null::rw-allow.*10.1.0.0/28 === 192.168.0.100/32::YES
-carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_req=1::YES
-carol::ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_req=1::NO
-dave:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_req=1::YES
-dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_req=1::NO

diff --git a/testing/tnccs-20-pdp-eap/hosts/alice/etc/apache2/sites-available/default b/testing/tnccs-20-pdp-eap/hosts/alice/etc/apache2/sites-available/default
deleted file mode 100644 (file)
index f6bf635..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/alice/etc/apache2/sites-available/default
+++ /dev/null
@@ -1,24 +0,0 @@
-WSGIPythonPath /var/www/tnc
-
-<VirtualHost *:80>
-    ServerName tnc.strongswan.org
-    ServerAlias tnc
-    ServerAdmin webmaster@localhost
-
-    DocumentRoot /var/www/tnc
-
-    <Directory /var/www/tnc/config>
-        <Files wsgi.py>
-            Order deny,allow
-            Allow from all
-        </Files>
-    </Directory>
-
-    WSGIScriptAlias / /var/www/tnc/config/wsgi.py
-    WSGIApplicationGroup %{GLOBAL}
-    WSGIPassAuthorization On
-
-    ErrorLog ${APACHE_LOG_DIR}/tnc/error.log
-    LogLevel warn
-    CustomLog ${APACHE_LOG_DIR}/tnc/access.log combined
-</VirtualHost>

diff --git a/testing/tnccs-20-pdp-eap/hosts/alice/etc/ipsec.conf b/testing/tnccs-20-pdp-eap/hosts/alice/etc/ipsec.conf
deleted file mode 100644 (file)
index f2e6119..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/alice/etc/ipsec.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
-       charondebug="tnc 2, imv 3"
-
-conn aaa
-       leftcert=aaaCert.pem
-       leftid=aaa.strongswan.org
-       auto=add

diff --git a/testing/tnccs-20-pdp-eap/hosts/alice/etc/ipsec.d/certs/aaaCert.pem b/testing/tnccs-20-pdp-eap/hosts/alice/etc/ipsec.d/certs/aaaCert.pem
deleted file mode 100644 (file)
index 6aeb0c0..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/alice/etc/ipsec.d/certs/aaaCert.pem
+++ /dev/null
@@ -1,25 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEIDCCAwigAwIBAgIBIjANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
-MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
-b290IENBMB4XDTEwMDgwNDA4Mzg0MVoXDTE1MDgwMzA4Mzg0MVowRTELMAkGA1UE
-BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEmFhYS5z
-dHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK2R
-RcAYdZ/jOhHBSjrLDYT1OhRJ2mXjyuSbWyJQogF9c6sY8W2GhTC4e1gNThZM9+Pm
-Vzs0R39kzxsmOFhuTfwIhavMzvkWJ7945WDvTpuo2teK4fTtfix3iuyycVXywa7W
-Uum6vZb4uwNoFsZtlYSUFs+app/1VC3X8vEFvP9p//KW2fwbJ6PzR1XN/8AibxoF
-AnfqAXUenRQ1Xs/07/xF4bkZ5MUNTFTo5H+BAc49lAC16TarSTPnX1D925kIGxni
-wePHlIZrCYQTFr003+YNUehVvUxyv0NuIwlxFPokFPLDkQWk6SDvD87FW5IJ06cg
-EbrCFjcIR9/2vIepJd8CAwEAAaOCARkwggEVMAkGA1UdEwQCMAAwCwYDVR0PBAQD
-AgOoMB0GA1UdDgQWBBQS5lPpgsOE14sz7JGZimSmSbZOeDBtBgNVHSMEZjBkgBRd
-p91wBlEyfue2bbO15eBg6i5N76FJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoT
-EExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIB
-ADAdBgNVHREEFjAUghJhYWEuc3Ryb25nc3dhbi5vcmcwEwYDVR0lBAwwCgYIKwYB
-BQUHAwEwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC5zdHJvbmdzd2FuLm9y
-Zy9zdHJvbmdzd2FuLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAqM2eqrsJmAop2roa
-yNeJt8317sdAll8TvDf+s4EeCtcpDT0cIX5vCumpL6E7nV9NWWDazGCAOkwWDPpp
-iuq6R0Js8r0MbyIUbVgOe3xIOqLKd9YW0sb1IwfR/zvWcPUjnUHlqfRH7gdiR4G2
-bWIvKenl3hOQege/XnJNPUwzxeVX7k/qPivOk4I3pLnBjTRtFQdweHM95ex7Fk/d
-HoeWjw5q3MxS3ZwXpKQxZvWU5SDkkc2NJ0/0sm+wca8NC86cXkGqcLFEgJo2l3Dr
-EpZgxIhllub0M88PU7dQrDmy8OQ5j0fhayB1xpVO+REn3norclXZ2yrl4uz0eWR4
-v42sww==
------END CERTIFICATE-----

diff --git a/testing/tnccs-20-pdp-eap/hosts/alice/etc/ipsec.d/private/aaaKey.pem b/testing/tnccs-20-pdp-eap/hosts/alice/etc/ipsec.d/private/aaaKey.pem
deleted file mode 100644 (file)
index da8cdb0..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/alice/etc/ipsec.d/private/aaaKey.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEArZFFwBh1n+M6EcFKOssNhPU6FEnaZePK5JtbIlCiAX1zqxjx
-bYaFMLh7WA1OFkz34+ZXOzRHf2TPGyY4WG5N/AiFq8zO+RYnv3jlYO9Om6ja14rh
-9O1+LHeK7LJxVfLBrtZS6bq9lvi7A2gWxm2VhJQWz5qmn/VULdfy8QW8/2n/8pbZ
-/Bsno/NHVc3/wCJvGgUCd+oBdR6dFDVez/Tv/EXhuRnkxQ1MVOjkf4EBzj2UALXp
-NqtJM+dfUP3bmQgbGeLB48eUhmsJhBMWvTTf5g1R6FW9THK/Q24jCXEU+iQU8sOR
-BaTpIO8PzsVbkgnTpyARusIWNwhH3/a8h6kl3wIDAQABAoIBAQCJDzatQqNf5uds
-Ld6YHtBGNf/vFYLJAuCtNaD5sAK+enpkmgXMH3X9yzBbj+Yh5hW6eaJYtiffiZOi
-NMQ50KD0bSZhTBIE0GIC6Uz5BwBkGyr1Gk7kQsZoBt5Fm4O0A0a+8a/3secU2MWV
-IxUZDGANmYOJ3O3HUstuiCDoA0gDyDt44n0RWOhKrPQmTP6vTItd/14Zi1Pg9ez3
-Mej/ulDmVV1R474EwUXbLLPBjP3vk++SLukWn4iWUeeHgDHSn0b/T5csUcH0kQMI
-aYRU2FOoCPZpRxyTr9aZxcHhr5EhQSCg7zc8u0IjpTFm8kZ4uN+60777w1A/FH5X
-YHq+yqVBAoGBANy6zM0egvyWQaX4YeoML65393iXt9OXW3uedMbmWc9VJ0bH7qdq
-b4X5Xume8yY1/hF8nh7aC1npfVjdBuDse0iHJ/eBGfCJ2VoC6/ZoCzBD7q0Qn2If
-/Sr/cbtQNTDkROT75hAo6XbewPGt7RjynH8sNmtclsZ0yyXHx0ml90tlAoGBAMlN
-P4ObM0mgP2NMPeDFqUBnHVj/h/KGS9PKrqpsvFOUm5lxJNRIxbEBavWzonphRX1X
-V83RICgCiWDAnqUaPfHh9mVBlyHCTWxrrnu3M9qbr5vZMFTyYiMoLxSfTmW5Qk8t
-cArqBDowQbiaKJE9fHv+32Q0IYRhJFVcxZRdQXHzAoGALRBmJ6qHC5KRrJTdSK9c
-PL55Y8F14lkQcFiVdtYol8/GyQigjMWKJ0wWOJQfCDoVuPQ8RAg4MQ8ebDoT4W/m
-a5RMcJeG+Djsixf1nMT5I816uRKft6TYRyMH0To64dR4zFcxTTNNFtu7gJwFwAYo
-NT6NjbXFgpbtsrTq1vpvVpECgYA0ldlhp8leEl58sg34CaqNCGLCPP5mfG6ShP/b
-xUvtCYUcMFJOojQCaTxnsuVe0so0U/y750VfLkp029yVhKVp6n1TNi8kwn03NWn/
-J3yEPudA7xuRFUBNrtGdsX/pUtvfkx8RutAf4ztH3f1683Txb0MsCfI3gqjbI8D5
-YOMXwQKBgAJnMfPslZIg6jOpBCo6RjdwvjZyPXXyn4dcCyW//2+olPdWnuu+HRCZ
-SkAWB7lSRLSvDZARHb63k+gwSl8lmwrSM53nDwaRdTKjhK2BFWsAKJNOhrOUQqJu
-EXvH4R1NrqOkPqLoG5Iw3XFUh5lQGKvKkU28W6Weolj2saljbW2b
------END RSA PRIVATE KEY-----

diff --git a/testing/tnccs-20-pdp-eap/hosts/alice/etc/ipsec.secrets b/testing/tnccs-20-pdp-eap/hosts/alice/etc/ipsec.secrets
deleted file mode 100644 (file)
index 11d45cd..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/alice/etc/ipsec.secrets
+++ /dev/null
@@ -1,6 +0,0 @@
-# /etc/ipsec.secrets - strongSwan IPsec secrets file
-
-: RSA aaaKey.pem
-
-carol : EAP "Ar3etTnp"
-dave  : EAP "W7R0g3do"

diff --git a/testing/tnccs-20-pdp-eap/hosts/alice/etc/pts/data1.sql b/testing/tnccs-20-pdp-eap/hosts/alice/etc/pts/data1.sql
deleted file mode 100644 (file)
index 8adc459..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/alice/etc/pts/data1.sql
+++ /dev/null
@@ -1,61 +0,0 @@
-/* Devices */
-
-INSERT INTO devices (                  /*  1 */
-  value, product, created  
-) VALUES (
-  'aabbccddeeff11223344556677889900', 42, 1372330615
-);
-
-/* Groups Members */
-
-INSERT INTO groups_members (
-  group_id, device_id
-) VALUES (
-  10, 1
-);
-
-/* Identities */
-
-INSERT INTO identities (
-  type, value
-) VALUES ( /* dave@strongswan.org */
-  5, X'64617665'
-);
-
-/* Sessions */
-
-INSERT INTO sessions (
-  time, connection, identity, device, product, rec
-) VALUES (
-  NOW, 1, 1, 1, 42, 0
-);
-
-/* Results */
-
-INSERT INTO results (
-  session, policy, rec, result
-) VALUES (
-  1, 1, 0, 'processed 355 packages: 0 not updated, 0 blacklisted, 4 ok, 351 not found'
-);
-
-/* Enforcements */
-
-INSERT INTO enforcements (
-  policy, group_id, max_age, rec_fail, rec_noresult
-) VALUES (
-  3, 10, 0, 2, 2
-);
-
-INSERT INTO enforcements (
-  policy, group_id, max_age
-) VALUES (
-  17, 2, 86400
-);
-
-INSERT INTO enforcements (
-  policy, group_id, max_age
-) VALUES (
-  18, 10, 86400
-);
-
-DELETE FROM enforcements WHERE id = 1;

diff --git a/testing/tnccs-20-pdp-eap/hosts/alice/etc/strongTNC/django.db b/testing/tnccs-20-pdp-eap/hosts/alice/etc/strongTNC/django.db
deleted file mode 100644 (file)
index 3866bfa..0000000
Binary files a/testing/tnccs-20-pdp-eap/hosts/alice/etc/strongTNC/django.db and /dev/null differ

diff --git a/testing/tnccs-20-pdp-eap/hosts/alice/etc/strongTNC/settings.ini b/testing/tnccs-20-pdp-eap/hosts/alice/etc/strongTNC/settings.ini
deleted file mode 100644 (file)
index 5d12736..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/alice/etc/strongTNC/settings.ini
+++ /dev/null
@@ -1,19 +0,0 @@
-[debug]
-DEBUG=1
-TEMPLATE_DEBUG=1
-DEBUG_TOOLBAR=0
-
-[db]
-DJANGO_DB_URL=sqlite:////etc/strongTNC/django.db
-STRONGTNC_DB_URL = sqlite:////etc/pts/config.db
-
-[localization]
-LANGUAGE_CODE=en-us
-TIME_ZONE=Europe/Zurich
-
-[admins]
-Your Name: alice@strongswan.org
-
-[security]
-SECRET_KEY=strongSwan
-

diff --git a/testing/tnccs-20-pdp-eap/hosts/alice/etc/strongswan.conf b/testing/tnccs-20-pdp-eap/hosts/alice/etc/strongswan.conf
deleted file mode 100644 (file)
index a60f1de..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/alice/etc/strongswan.conf
+++ /dev/null
@@ -1,35 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac socket-default kernel-netlink stroke eap-identity eap-ttls eap-md5 eap-tnc tnc-pdp tnc-imv tnc-tnccs tnccs-20 sqlite
-
-  plugins {
-    eap-ttls {
-      phase2_method = md5
-      phase2_piggyback = yes
-      phase2_tnc = yes
-      max_message_count = 0
-    }
-    eap-tnc {
-      max_message_count = 0
-    }
-    tnc-pdp {
-      server = aaa.strongswan.org
-      radius {
-        secret = gv6URkSs
-      }
-    }
-  }
-}
-
-libimcv {
-  debug_level = 3 
-  database = sqlite:///etc/pts/config.db
-  policy_script = ipsec imv_policy_manager
-
-  plugins {
-    imv-swid {
-      rest_api_uri = http://admin-user:strongSwan@tnc.strongswan.org/api/
-    }
-  }
-}

diff --git a/testing/tnccs-20-pdp-eap/hosts/alice/etc/tnc_config b/testing/tnccs-20-pdp-eap/hosts/alice/etc/tnc_config
deleted file mode 100644 (file)
index ebe88bc..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/alice/etc/tnc_config
+++ /dev/null
@@ -1,4 +0,0 @@
-#IMV configuration file for strongSwan client 
-
-IMV "OS"       /usr/local/lib/ipsec/imcvs/imv-os.so
-IMV "SWID"     /usr/local/lib/ipsec/imcvs/imv-swid.so

diff --git a/testing/tnccs-20-pdp-eap/hosts/carol/etc/ipsec.conf b/testing/tnccs-20-pdp-eap/hosts/carol/etc/ipsec.conf
deleted file mode 100644 (file)
index 6e6430e..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/carol/etc/ipsec.conf
+++ /dev/null
@@ -1,23 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
-       charondebug="tnc 2, imc 3"
-
-conn %default
-       ikelifetime=60m
-       keylife=20m
-       rekeymargin=3m
-       keyingtries=1
-       keyexchange=ikev2
-
-conn home
-       left=PH_IP_CAROL
-       leftauth=eap
-       leftfirewall=yes
-       right=PH_IP_MOON
-       rightid=@moon.strongswan.org
-       rightsubnet=10.1.0.0/16
-       rightauth=pubkey
-       eap_identity=carol
-       aaa_identity="C=CH, O=Linux strongSwan, CN=aaa.strongswan.org"
-       auto=add

diff --git a/testing/tnccs-20-pdp-eap/hosts/carol/etc/ipsec.secrets b/testing/tnccs-20-pdp-eap/hosts/carol/etc/ipsec.secrets
deleted file mode 100644 (file)
index 23d79cf..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/carol/etc/ipsec.secrets
+++ /dev/null
@@ -1,3 +0,0 @@
-# /etc/ipsec.secrets - strongSwan IPsec secrets file
-
-carol : EAP "Ar3etTnp"

diff --git a/testing/tnccs-20-pdp-eap/hosts/carol/etc/strongswan.conf b/testing/tnccs-20-pdp-eap/hosts/carol/etc/strongswan.conf
deleted file mode 100644 (file)
index c040f09..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/carol/etc/strongswan.conf
+++ /dev/null
@@ -1,18 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown
-
-  plugins {
-    eap-ttls {
-      max_message_count = 0
-    }
-    eap-tnc {
-      max_message_count = 0
-    }
-    tnccs-20 {
-      max_batch_size = 32754
-      max_message_size = 32722
-    }
-  }
-}

diff --git a/testing/tnccs-20-pdp-eap/hosts/carol/etc/tnc_config b/testing/tnccs-20-pdp-eap/hosts/carol/etc/tnc_config
deleted file mode 100644 (file)
index a954883..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/carol/etc/tnc_config
+++ /dev/null
@@ -1,4 +0,0 @@
-#IMC configuration file for strongSwan client 
-
-IMC "OS"       /usr/local/lib/ipsec/imcvs/imc-os.so
-IMC "SWID"     /usr/local/lib/ipsec/imcvs/imc-swid.so

diff --git a/testing/tnccs-20-pdp-eap/hosts/dave/etc/ipsec.conf b/testing/tnccs-20-pdp-eap/hosts/dave/etc/ipsec.conf
deleted file mode 100644 (file)
index 4846af2..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/dave/etc/ipsec.conf
+++ /dev/null
@@ -1,23 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
-       charondebug="tnc 2, imc 3"
-
-conn %default
-       ikelifetime=60m
-       keylife=20m
-       rekeymargin=3m
-       keyingtries=1
-       keyexchange=ikev2
-
-conn home
-       left=PH_IP_DAVE
-       leftauth=eap
-       leftfirewall=yes
-       right=PH_IP_MOON
-       rightid=@moon.strongswan.org
-       rightsubnet=10.1.0.0/16
-       rightauth=pubkey
-       eap_identity=dave
-       aaa_identity="C=CH, O=Linux strongSwan, CN=aaa.strongswan.org"
-       auto=add

diff --git a/testing/tnccs-20-pdp-eap/hosts/dave/etc/ipsec.secrets b/testing/tnccs-20-pdp-eap/hosts/dave/etc/ipsec.secrets
deleted file mode 100644 (file)
index 02e0c99..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/dave/etc/ipsec.secrets
+++ /dev/null
@@ -1,3 +0,0 @@
-# /etc/ipsec.secrets - strongSwan IPsec secrets file
-
-dave : EAP "W7R0g3do"

diff --git a/testing/tnccs-20-pdp-eap/hosts/dave/etc/strongswan.conf b/testing/tnccs-20-pdp-eap/hosts/dave/etc/strongswan.conf
deleted file mode 100644 (file)
index cd9efee..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/dave/etc/strongswan.conf
+++ /dev/null
@@ -1,30 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown
-
-  plugins {    
-   eap-ttls {
-      max_message_count = 0
-    }
-    eap-tnc {
-      max_message_count = 0
-    }
-    tnccs-20 {
-      max_batch_size = 32754
-      max_message_size = 32722
-    }
-  }
-}
-
-libimcv {
-  plugins {
-   imc-os {
-     push_info = no
-    }
-    imc-swid {
-      swid_directory = /usr/share
-      swid_pretty = no
-    }
-  }
-}

diff --git a/testing/tnccs-20-pdp-eap/hosts/dave/etc/tnc_config b/testing/tnccs-20-pdp-eap/hosts/dave/etc/tnc_config
deleted file mode 100644 (file)
index a954883..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/dave/etc/tnc_config
+++ /dev/null
@@ -1,4 +0,0 @@
-#IMC configuration file for strongSwan client 
-
-IMC "OS"       /usr/local/lib/ipsec/imcvs/imc-os.so
-IMC "SWID"     /usr/local/lib/ipsec/imcvs/imc-swid.so

diff --git a/testing/tnccs-20-pdp-eap/hosts/moon/etc/ipsec.conf b/testing/tnccs-20-pdp-eap/hosts/moon/etc/ipsec.conf
deleted file mode 100644 (file)
index 02ada56..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/moon/etc/ipsec.conf
+++ /dev/null
@@ -1,33 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
-
-conn %default
-       ikelifetime=60m
-       keylife=20m
-       rekeymargin=3m
-       keyingtries=1
-       keyexchange=ikev2
-
-conn rw-allow
-       rightgroups=allow
-       leftsubnet=10.1.0.0/28
-       also=rw-eap
-       auto=add
-
-conn rw-isolate
-       rightgroups=isolate
-       leftsubnet=10.1.0.16/28
-       also=rw-eap
-       auto=add
-
-conn rw-eap
-       left=PH_IP_MOON
-       leftcert=moonCert.pem
-       leftid=@moon.strongswan.org
-       leftauth=pubkey
-       leftfirewall=yes
-       rightauth=eap-radius
-       rightsendcert=never
-       right=%any
-       eap_identity=%any

diff --git a/testing/tnccs-20-pdp-eap/hosts/moon/etc/ipsec.secrets b/testing/tnccs-20-pdp-eap/hosts/moon/etc/ipsec.secrets
deleted file mode 100644 (file)
index e86d6aa..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/moon/etc/ipsec.secrets
+++ /dev/null
@@ -1,3 +0,0 @@
-# /etc/ipsec.secrets - strongSwan IPsec secrets file
-
-: RSA moonKey.pem

diff --git a/testing/tnccs-20-pdp-eap/hosts/moon/etc/iptables.rules b/testing/tnccs-20-pdp-eap/hosts/moon/etc/iptables.rules
deleted file mode 100644 (file)
index 1eb7553..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/moon/etc/iptables.rules
+++ /dev/null
@@ -1,32 +0,0 @@
-*filter
-
-# default policy is DROP
--P INPUT DROP
--P OUTPUT DROP
--P FORWARD DROP
-
-# allow esp
--A INPUT  -i eth0 -p 50 -j ACCEPT
--A OUTPUT -o eth0 -p 50 -j ACCEPT
-
-# allow IKE
--A INPUT  -i eth0 -p udp --sport 500 --dport 500 -j ACCEPT
--A OUTPUT -o eth0 -p udp --dport 500 --sport 500 -j ACCEPT
-
-# allow MobIKE
--A INPUT  -i eth0 -p udp --sport 4500 --dport 4500 -j ACCEPT
--A OUTPUT -o eth0 -p udp --dport 4500 --sport 4500 -j ACCEPT
-
-# allow ssh
--A INPUT  -p tcp --dport 22 -j ACCEPT
--A OUTPUT -p tcp --sport 22 -j ACCEPT
-
-# allow crl fetch from winnetou
--A INPUT  -i eth0 -p tcp --sport 80 -s PH_IP_WINNETOU -j ACCEPT
--A OUTPUT -o eth0 -p tcp --dport 80 -d PH_IP_WINNETOU -j ACCEPT
-
-# allow RADIUS protocol with alice
--A INPUT  -i eth1 -p udp --sport 1812 -s PH_IP_ALICE -j ACCEPT
--A OUTPUT -o eth1 -p udp --dport 1812 -d PH_IP_ALICE -j ACCEPT
-
-COMMIT

diff --git a/testing/tnccs-20-pdp-eap/hosts/moon/etc/strongswan.conf b/testing/tnccs-20-pdp-eap/hosts/moon/etc/strongswan.conf
deleted file mode 100644 (file)
index d329518..0000000
--- a/testing/tnccs-20-pdp-eap/hosts/moon/etc/strongswan.conf
+++ /dev/null
@@ -1,14 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-radius updown
-  multiple_authentication=no
-  plugins {
-    eap-radius {
-      secret = gv6URkSs
-      #server = PH_IP6_ALICE 
-      server = PH_IP_ALICE
-      filter_id = yes
-    }
-  }
-}

diff --git a/testing/tnccs-20-pdp-eap/posttest.dat b/testing/tnccs-20-pdp-eap/posttest.dat
deleted file mode 100644 (file)
index 1e5c3f8..0000000
--- a/testing/tnccs-20-pdp-eap/posttest.dat
+++ /dev/null
@@ -1,9 +0,0 @@
-moon::ipsec stop
-carol::ipsec stop
-dave::ipsec stop
-alice::ipsec stop
-alice::service apache2 stop
-alice::rm /etc/pts/config.db
-moon::iptables-restore < /etc/iptables.flush
-carol::iptables-restore < /etc/iptables.flush
-dave::iptables-restore < /etc/iptables.flush

diff --git a/testing/tnccs-20-pdp-eap/pretest.dat b/testing/tnccs-20-pdp-eap/pretest.dat
deleted file mode 100644 (file)
index 6c74777..0000000
--- a/testing/tnccs-20-pdp-eap/pretest.dat
+++ /dev/null
@@ -1,20 +0,0 @@
-moon::iptables-restore < /etc/iptables.rules
-carol::iptables-restore < /etc/iptables.rules
-dave::iptables-restore < /etc/iptables.rules
-alice::cat /etc/tnc_config
-carol::cat /etc/tnc_config
-dave::cat /etc/tnc_config
-carol::echo 0 > /proc/sys/net/ipv4/ip_forward
-dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
-alice::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql
-alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/pts/config.db
-alice::chgrp www-data /etc/pts/config.db; chmod g+w /etc/pts/config.db
-alice::service apache2 start
-alice::ipsec start
-moon::ipsec start
-dave::ipsec start
-carol::ipsec start
-carol::sleep 1
-dave::ipsec up home
-carol::ipsec up home
-carol::sleep 1

diff --git a/testing/tnccs-20-pdp-eap/test.conf b/testing/tnccs-20-pdp-eap/test.conf
deleted file mode 100644 (file)
index c4ca1a1..0000000
--- a/testing/tnccs-20-pdp-eap/test.conf
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# guest instances used for this test
-
-# All guest instances that are required for this test
-#
-VIRTHOSTS="alice venus moon carol winnetou dave"
-
-# Corresponding block diagram
-#
-DIAGRAM="a-v-m-c-w-d.png"
-
-# Guest instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS="moon"
-
-# Guest instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="moon carol dave alice"
-
-# Guest instances on which FreeRadius is started
-#
-RADIUSHOSTS=
-

diff --git a/testing/tnccs-20-pdp-pt-tls/description.txt b/testing/tnccs-20-pdp-pt-tls/description.txt
deleted file mode 100644 (file)
index 45a77e9..0000000
--- a/testing/tnccs-20-pdp-pt-tls/description.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-The PT-TLS (RFC 6876) clients <b>carol</b> and <b>dave</b> set up a connection each to the policy decision 
-point (PDP) <b>alice</b>. <b>carol</b> uses password-based SASL PLAIN client authentication during the
-<b>PT-TLS negotiation phase</b> and <b>dave</b> uses certificate-based TLS client authentication during the
-<b>TLS setup phase</b>.
-<p/>
-During the ensuing <b>PT-TLS data transport phase</b> the <b>OS</b> and <b>SWID</b> IMC/IMV pairs
-loaded by the PT-TLS clients and PDP, respectively, exchange PA-TNC (RFC 5792) messages
-embedded in PB-TNC (RFC 5793) batches. The <b>SWID</b> IMC on <b>carol</b> is requested to deliver
-a concise <b>SWID Tag ID Inventory</b> whereas <b>dave</b> must send a full <b>SWID Tag Inventory</b>.

diff --git a/testing/tnccs-20-pdp-pt-tls/evaltest.dat b/testing/tnccs-20-pdp-pt-tls/evaltest.dat
deleted file mode 100644 (file)
index a9457ec..0000000
--- a/testing/tnccs-20-pdp-pt-tls/evaltest.dat
+++ /dev/null
@@ -1,19 +0,0 @@
-dave:: cat/var/log/auth.log::received SASL Success result::YES
-dave:: cat /var/log/auth.log::collected 372 SWID tags::YES
-carol::cat/var/log/auth.log::received SASL Success result::YES
-carol::cat /var/log/auth.log::collected 373 SWID tag IDs::YES
-carol::cat /var/log/auth.log::collected 1 SWID tag::YES
-alice::cat /var/log/daemon.log::accepting PT-TLS stream from PH_IP_DAVE::YES
-alice::cat /var/log/daemon.log::checking certificate status of.*C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org::YES
-alice::cat /var/log/daemon.log::certificate status is good::YES
-alice::cat /var/log/daemon.log::skipping SASL, client already authenticated by TLS certificate::YES
-alice::cat /var/log/daemon.log::user AR identity.*C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org.*authenticated by certificate::YES
-alice::cat /var/log/daemon.log::received SWID tag inventory with 372 items for request 3 at eid 1 of epoch::YES
-alice::cat /var/log/daemon.log::accepting PT-TLS stream from PH_IP_CAROL::YES
-alice::cat /var/log/daemon.log::SASL PLAIN authentication successful::YES
-alice::cat /var/log/daemon.log::SASL client identity is.*carol::YES
-alice::cat /var/log/daemon.log::user AR identity.*carol.*authenticated by password::YES
-alice::cat /var/log/daemon.log::received SWID tag ID inventory with 373 items for request 9 at eid 1 of epoch::YES
-alice::cat /var/log/daemon.log::1 SWID tag target::YES
-alice::cat /var/log/daemon.log::received SWID tag inventory with 1 item for request 9 at eid 1 of epoch::YES
-alice::cat /var/log/daemon.log::regid.2004-03.org.strongswan_strongSwan-::YES

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/apache2/sites-available/default b/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/apache2/sites-available/default
deleted file mode 100644 (file)
index f6bf635..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/apache2/sites-available/default
+++ /dev/null
@@ -1,24 +0,0 @@
-WSGIPythonPath /var/www/tnc
-
-<VirtualHost *:80>
-    ServerName tnc.strongswan.org
-    ServerAlias tnc
-    ServerAdmin webmaster@localhost
-
-    DocumentRoot /var/www/tnc
-
-    <Directory /var/www/tnc/config>
-        <Files wsgi.py>
-            Order deny,allow
-            Allow from all
-        </Files>
-    </Directory>
-
-    WSGIScriptAlias / /var/www/tnc/config/wsgi.py
-    WSGIApplicationGroup %{GLOBAL}
-    WSGIPassAuthorization On
-
-    ErrorLog ${APACHE_LOG_DIR}/tnc/error.log
-    LogLevel warn
-    CustomLog ${APACHE_LOG_DIR}/tnc/access.log combined
-</VirtualHost>

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/ipsec.conf b/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/ipsec.conf
deleted file mode 100644 (file)
index 7b2118f..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/ipsec.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
-       charondebug="tls 2, tnc 2, imv 3"
-
-conn aaa
-       leftcert=aaaCert.pem
-       leftid=aaa.strongswan.org
-       auto=add

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/ipsec.d/certs/aaaCert.pem b/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/ipsec.d/certs/aaaCert.pem
deleted file mode 100644 (file)
index 6aeb0c0..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/ipsec.d/certs/aaaCert.pem
+++ /dev/null
@@ -1,25 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEIDCCAwigAwIBAgIBIjANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
-MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
-b290IENBMB4XDTEwMDgwNDA4Mzg0MVoXDTE1MDgwMzA4Mzg0MVowRTELMAkGA1UE
-BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEmFhYS5z
-dHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK2R
-RcAYdZ/jOhHBSjrLDYT1OhRJ2mXjyuSbWyJQogF9c6sY8W2GhTC4e1gNThZM9+Pm
-Vzs0R39kzxsmOFhuTfwIhavMzvkWJ7945WDvTpuo2teK4fTtfix3iuyycVXywa7W
-Uum6vZb4uwNoFsZtlYSUFs+app/1VC3X8vEFvP9p//KW2fwbJ6PzR1XN/8AibxoF
-AnfqAXUenRQ1Xs/07/xF4bkZ5MUNTFTo5H+BAc49lAC16TarSTPnX1D925kIGxni
-wePHlIZrCYQTFr003+YNUehVvUxyv0NuIwlxFPokFPLDkQWk6SDvD87FW5IJ06cg
-EbrCFjcIR9/2vIepJd8CAwEAAaOCARkwggEVMAkGA1UdEwQCMAAwCwYDVR0PBAQD
-AgOoMB0GA1UdDgQWBBQS5lPpgsOE14sz7JGZimSmSbZOeDBtBgNVHSMEZjBkgBRd
-p91wBlEyfue2bbO15eBg6i5N76FJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoT
-EExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIB
-ADAdBgNVHREEFjAUghJhYWEuc3Ryb25nc3dhbi5vcmcwEwYDVR0lBAwwCgYIKwYB
-BQUHAwEwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC5zdHJvbmdzd2FuLm9y
-Zy9zdHJvbmdzd2FuLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAqM2eqrsJmAop2roa
-yNeJt8317sdAll8TvDf+s4EeCtcpDT0cIX5vCumpL6E7nV9NWWDazGCAOkwWDPpp
-iuq6R0Js8r0MbyIUbVgOe3xIOqLKd9YW0sb1IwfR/zvWcPUjnUHlqfRH7gdiR4G2
-bWIvKenl3hOQege/XnJNPUwzxeVX7k/qPivOk4I3pLnBjTRtFQdweHM95ex7Fk/d
-HoeWjw5q3MxS3ZwXpKQxZvWU5SDkkc2NJ0/0sm+wca8NC86cXkGqcLFEgJo2l3Dr
-EpZgxIhllub0M88PU7dQrDmy8OQ5j0fhayB1xpVO+REn3norclXZ2yrl4uz0eWR4
-v42sww==
------END CERTIFICATE-----

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/ipsec.d/private/aaaKey.pem b/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/ipsec.d/private/aaaKey.pem
deleted file mode 100644 (file)
index da8cdb0..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/ipsec.d/private/aaaKey.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEArZFFwBh1n+M6EcFKOssNhPU6FEnaZePK5JtbIlCiAX1zqxjx
-bYaFMLh7WA1OFkz34+ZXOzRHf2TPGyY4WG5N/AiFq8zO+RYnv3jlYO9Om6ja14rh
-9O1+LHeK7LJxVfLBrtZS6bq9lvi7A2gWxm2VhJQWz5qmn/VULdfy8QW8/2n/8pbZ
-/Bsno/NHVc3/wCJvGgUCd+oBdR6dFDVez/Tv/EXhuRnkxQ1MVOjkf4EBzj2UALXp
-NqtJM+dfUP3bmQgbGeLB48eUhmsJhBMWvTTf5g1R6FW9THK/Q24jCXEU+iQU8sOR
-BaTpIO8PzsVbkgnTpyARusIWNwhH3/a8h6kl3wIDAQABAoIBAQCJDzatQqNf5uds
-Ld6YHtBGNf/vFYLJAuCtNaD5sAK+enpkmgXMH3X9yzBbj+Yh5hW6eaJYtiffiZOi
-NMQ50KD0bSZhTBIE0GIC6Uz5BwBkGyr1Gk7kQsZoBt5Fm4O0A0a+8a/3secU2MWV
-IxUZDGANmYOJ3O3HUstuiCDoA0gDyDt44n0RWOhKrPQmTP6vTItd/14Zi1Pg9ez3
-Mej/ulDmVV1R474EwUXbLLPBjP3vk++SLukWn4iWUeeHgDHSn0b/T5csUcH0kQMI
-aYRU2FOoCPZpRxyTr9aZxcHhr5EhQSCg7zc8u0IjpTFm8kZ4uN+60777w1A/FH5X
-YHq+yqVBAoGBANy6zM0egvyWQaX4YeoML65393iXt9OXW3uedMbmWc9VJ0bH7qdq
-b4X5Xume8yY1/hF8nh7aC1npfVjdBuDse0iHJ/eBGfCJ2VoC6/ZoCzBD7q0Qn2If
-/Sr/cbtQNTDkROT75hAo6XbewPGt7RjynH8sNmtclsZ0yyXHx0ml90tlAoGBAMlN
-P4ObM0mgP2NMPeDFqUBnHVj/h/KGS9PKrqpsvFOUm5lxJNRIxbEBavWzonphRX1X
-V83RICgCiWDAnqUaPfHh9mVBlyHCTWxrrnu3M9qbr5vZMFTyYiMoLxSfTmW5Qk8t
-cArqBDowQbiaKJE9fHv+32Q0IYRhJFVcxZRdQXHzAoGALRBmJ6qHC5KRrJTdSK9c
-PL55Y8F14lkQcFiVdtYol8/GyQigjMWKJ0wWOJQfCDoVuPQ8RAg4MQ8ebDoT4W/m
-a5RMcJeG+Djsixf1nMT5I816uRKft6TYRyMH0To64dR4zFcxTTNNFtu7gJwFwAYo
-NT6NjbXFgpbtsrTq1vpvVpECgYA0ldlhp8leEl58sg34CaqNCGLCPP5mfG6ShP/b
-xUvtCYUcMFJOojQCaTxnsuVe0so0U/y750VfLkp029yVhKVp6n1TNi8kwn03NWn/
-J3yEPudA7xuRFUBNrtGdsX/pUtvfkx8RutAf4ztH3f1683Txb0MsCfI3gqjbI8D5
-YOMXwQKBgAJnMfPslZIg6jOpBCo6RjdwvjZyPXXyn4dcCyW//2+olPdWnuu+HRCZ
-SkAWB7lSRLSvDZARHb63k+gwSl8lmwrSM53nDwaRdTKjhK2BFWsAKJNOhrOUQqJu
-EXvH4R1NrqOkPqLoG5Iw3XFUh5lQGKvKkU28W6Weolj2saljbW2b
------END RSA PRIVATE KEY-----

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/ipsec.secrets b/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/ipsec.secrets
deleted file mode 100644 (file)
index 11d45cd..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/ipsec.secrets
+++ /dev/null
@@ -1,6 +0,0 @@
-# /etc/ipsec.secrets - strongSwan IPsec secrets file
-
-: RSA aaaKey.pem
-
-carol : EAP "Ar3etTnp"
-dave  : EAP "W7R0g3do"

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/iptables.rules b/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/iptables.rules
deleted file mode 100644 (file)
index 1586214..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/iptables.rules
+++ /dev/null
@@ -1,24 +0,0 @@
-*filter
-
-# default policy is DROP
--P INPUT DROP
--P OUTPUT DROP
--P FORWARD DROP
-
-# open loopback interface
--A INPUT  -i lo -j ACCEPT
--A OUTPUT -o lo -j ACCEPT
-
-# allow PT-TLS 
--A INPUT  -i eth0 -p tcp --dport 271 -j ACCEPT
--A OUTPUT -o eth0 -p tcp --sport 271 -j ACCEPT
-
-# allow ssh
--A INPUT  -p tcp --dport 22 -j ACCEPT
--A OUTPUT -p tcp --sport 22 -j ACCEPT
-
-# allow crl fetch from winnetou
--A INPUT  -i eth0 -p tcp --sport 80 -s 192.168.0.150 -j ACCEPT
--A OUTPUT -o eth0 -p tcp --dport 80 -d 192.168.0.150 -j ACCEPT
-
-COMMIT

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/pts/data1.sql b/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/pts/data1.sql
deleted file mode 100644 (file)
index 14f9d7d..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/pts/data1.sql
+++ /dev/null
@@ -1,61 +0,0 @@
-/* Devices */
-
-INSERT INTO devices (                  /*  1 */
-  value, product, created  
-) VALUES (
-  'aabbccddeeff11223344556677889900', 42, 1372330615
-);
-
-/* Groups Members */
-
-INSERT INTO groups_members (
-  group_id, device_id
-) VALUES (
-  10, 1
-);
-
-/* Identities */
-
-INSERT INTO identities (
-  type, value
-) VALUES ( /* dave@strongswan.org */
-  4, X'64617665407374726f6e677377616e2e6f7267'
-);
-
-/* Sessions */
-
-INSERT INTO sessions (
-  time, connection, identity, device, product, rec
-) VALUES (
-  NOW, 1, 1, 1, 42, 0
-);
-
-/* Results */
-
-INSERT INTO results (
-  session, policy, rec, result
-) VALUES (
-  1, 1, 0, 'processed 355 packages: 0 not updated, 0 blacklisted, 4 ok, 351 not found'
-);
-
-/* Enforcements */
-
-INSERT INTO enforcements (
-  policy, group_id, max_age, rec_fail, rec_noresult
-) VALUES (
-  3, 10, 0, 2, 2
-);
-
-INSERT INTO enforcements (
-  policy, group_id, max_age
-) VALUES (
-  17, 2, 86400
-);
-
-INSERT INTO enforcements (
-  policy, group_id, max_age
-) VALUES (
-  18, 10, 86400
-);
-
-DELETE FROM enforcements WHERE id = 1;

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongTNC/django.db b/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongTNC/django.db
deleted file mode 100644 (file)
index 3866bfa..0000000
Binary files a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongTNC/django.db and /dev/null differ

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongTNC/settings.ini b/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongTNC/settings.ini
deleted file mode 100644 (file)
index 5d12736..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongTNC/settings.ini
+++ /dev/null
@@ -1,19 +0,0 @@
-[debug]
-DEBUG=1
-TEMPLATE_DEBUG=1
-DEBUG_TOOLBAR=0
-
-[db]
-DJANGO_DB_URL=sqlite:////etc/strongTNC/django.db
-STRONGTNC_DB_URL = sqlite:////etc/pts/config.db
-
-[localization]
-LANGUAGE_CODE=en-us
-TIME_ZONE=Europe/Zurich
-
-[admins]
-Your Name: alice@strongswan.org
-
-[security]
-SECRET_KEY=strongSwan
-

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongswan.conf b/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongswan.conf
deleted file mode 100644 (file)
index eb807b1..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongswan.conf
+++ /dev/null
@@ -1,29 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
-  load = curl pem pkcs1 nonce x509 revocation constraints openssl socket-default kernel-netlink stroke tnc-pdp tnc-imv tnc-tnccs tnccs-20 sqlite
-
-  plugins { 
-    tnc-pdp {
-      server = aaa.strongswan.org
-      radius {
-        secret = gv6URkSs
-      }
-    }
-  }
-}
-
-libtls {
-  suites = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
-}
-
-libimcv {
-  database = sqlite:///etc/pts/config.db
-  policy_script = ipsec imv_policy_manager
-
-  plugins {
-    imv-swid {
-      rest_api_uri = http://admin-user:strongSwan@tnc.strongswan.org/api/
-    }
-  }
-}

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/tnc_config b/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/tnc_config
deleted file mode 100644 (file)
index ebe88bc..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/alice/etc/tnc_config
+++ /dev/null
@@ -1,4 +0,0 @@
-#IMV configuration file for strongSwan client 
-
-IMV "OS"       /usr/local/lib/ipsec/imcvs/imv-os.so
-IMV "SWID"     /usr/local/lib/ipsec/imcvs/imv-swid.so

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/ipsec.conf b/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/ipsec.conf
deleted file mode 100644 (file)
index 4a41e7e..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/ipsec.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-# the PT-TLS client reads its configuration via the command line

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/ipsec.secrets b/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/ipsec.secrets
deleted file mode 100644 (file)
index d2f6378..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/ipsec.secrets
+++ /dev/null
@@ -1,3 +0,0 @@
-# /etc/ipsec.secrets - strongSwan IPsec secrets file
-
-# the PT-TLS client loads its secrets via the command line

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/ipsec.sql b/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/ipsec.sql
deleted file mode 100644 (file)
index 805c8bf..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/ipsec.sql
+++ /dev/null
@@ -1,4 +0,0 @@
-/* strongSwan SQLite database */
-
-/* configuration is read from the command line */
-/* credentials are read from the command line */

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/iptables.rules b/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/iptables.rules
deleted file mode 100644 (file)
index d01d0a3..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/iptables.rules
+++ /dev/null
@@ -1,20 +0,0 @@
-*filter
-
-# default policy is DROP
--P INPUT DROP
--P OUTPUT DROP
--P FORWARD DROP
-
-# allow PT-TLS 
--A INPUT  -i eth0 -s 10.1.0.10 -p tcp --sport 271 -j ACCEPT
--A OUTPUT -o eth0 -d 10.1.0.10 -p tcp --dport 271 -j ACCEPT
-
-# allow ssh
--A INPUT  -p tcp --dport 22 -j ACCEPT
--A OUTPUT -p tcp --sport 22 -j ACCEPT
-
-# allow crl fetch from winnetou
--A INPUT  -i eth0 -p tcp --sport 80 -s 192.168.0.150 -j ACCEPT
--A OUTPUT -o eth0 -p tcp --dport 80 -d 192.168.0.150 -j ACCEPT
-
-COMMIT

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/pts/options b/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/pts/options
deleted file mode 100644 (file)
index d485e9b..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/pts/options
+++ /dev/null
@@ -1,6 +0,0 @@
---connect aaa.strongswan.org
---client carol
---secret "Ar3etTnp"
---cert /etc/ipsec.d/cacerts/strongswanCert.pem
---quiet
---debug 2

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/strongswan.conf b/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/strongswan.conf
deleted file mode 100644 (file)
index 29fdf02..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/strongswan.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-libtls {
-  suites = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
-}
-
-pt-tls-client {
-  load = curl revocation constraints pem openssl nonce tnc-tnccs tnc-imc tnccs-20
-}

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/tnc_config b/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/tnc_config
deleted file mode 100644 (file)
index f40174e..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/carol/etc/tnc_config
+++ /dev/null
@@ -1,4 +0,0 @@
-#IMC configuration file for strongSwan client 
-
-IMC "OS"       /usr/local/lib/ipsec/imcvs/imc-os.so
-IMC "SWID"     /usr/local/lib/ipsec/imcvs/imc-swid.so

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/ipsec.conf b/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/ipsec.conf
deleted file mode 100644 (file)
index 4a41e7e..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/ipsec.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-# the PT-TLS client reads its configuration via the command line

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/ipsec.secrets b/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/ipsec.secrets
deleted file mode 100644 (file)
index d2f6378..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/ipsec.secrets
+++ /dev/null
@@ -1,3 +0,0 @@
-# /etc/ipsec.secrets - strongSwan IPsec secrets file
-
-# the PT-TLS client loads its secrets via the command line

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/ipsec.sql b/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/ipsec.sql
deleted file mode 100644 (file)
index 805c8bf..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/ipsec.sql
+++ /dev/null
@@ -1,4 +0,0 @@
-/* strongSwan SQLite database */
-
-/* configuration is read from the command line */
-/* credentials are read from the command line */

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/iptables.rules b/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/iptables.rules
deleted file mode 100644 (file)
index d01d0a3..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/iptables.rules
+++ /dev/null
@@ -1,20 +0,0 @@
-*filter
-
-# default policy is DROP
--P INPUT DROP
--P OUTPUT DROP
--P FORWARD DROP
-
-# allow PT-TLS 
--A INPUT  -i eth0 -s 10.1.0.10 -p tcp --sport 271 -j ACCEPT
--A OUTPUT -o eth0 -d 10.1.0.10 -p tcp --dport 271 -j ACCEPT
-
-# allow ssh
--A INPUT  -p tcp --dport 22 -j ACCEPT
--A OUTPUT -p tcp --sport 22 -j ACCEPT
-
-# allow crl fetch from winnetou
--A INPUT  -i eth0 -p tcp --sport 80 -s 192.168.0.150 -j ACCEPT
--A OUTPUT -o eth0 -p tcp --dport 80 -d 192.168.0.150 -j ACCEPT
-
-COMMIT

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/pts/options b/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/pts/options
deleted file mode 100644 (file)
index ca3ca3a..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/pts/options
+++ /dev/null
@@ -1,7 +0,0 @@
---connect aaa.strongswan.org
---client dave@strongswan.org
---key  /etc/ipsec.d/private/daveKey.pem
---cert /etc/ipsec.d/certs/daveCert.pem
---cert /etc/ipsec.d/cacerts/strongswanCert.pem
---quiet
---debug 2

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/strongswan.conf b/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/strongswan.conf
deleted file mode 100644 (file)
index 0a7f048..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/strongswan.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-libimcv {
-  plugins {
-    imc-os {
-      push_info = no
-    }
-    imc-swid {
-      swid_directory = /usr/share
-      swid_pretty = yes
-    }
-  }
-}
-
-libtls {
-  suites = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
-}
-
-pt-tls-client {
-  load = curl revocation constraints pem openssl nonce tnc-tnccs tnc-imc tnccs-20
-}

diff --git a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/tnc_config b/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/tnc_config
deleted file mode 100644 (file)
index f40174e..0000000
--- a/testing/tnccs-20-pdp-pt-tls/hosts/dave/etc/tnc_config
+++ /dev/null
@@ -1,4 +0,0 @@
-#IMC configuration file for strongSwan client 
-
-IMC "OS"       /usr/local/lib/ipsec/imcvs/imc-os.so
-IMC "SWID"     /usr/local/lib/ipsec/imcvs/imc-swid.so

diff --git a/testing/tnccs-20-pdp-pt-tls/posttest.dat b/testing/tnccs-20-pdp-pt-tls/posttest.dat
deleted file mode 100644 (file)
index b7da857..0000000
--- a/testing/tnccs-20-pdp-pt-tls/posttest.dat
+++ /dev/null
@@ -1,9 +0,0 @@
-carol::ip route del 10.1.0.0/16 via 192.168.0.1
-dave::ip route del 10.1.0.0/16 via 192.168.0.1
-winnetou::ip route del 10.1.0.0/16 via 192.168.0.1
-alice::ipsec stop
-alice::service apache2 stop
-alice::rm /etc/pts/config.db
-alice::iptables-restore < /etc/iptables.flush
-carol::iptables-restore < /etc/iptables.flush
-dave::iptables-restore < /etc/iptables.flush

diff --git a/testing/tnccs-20-pdp-pt-tls/pretest.dat b/testing/tnccs-20-pdp-pt-tls/pretest.dat
deleted file mode 100644 (file)
index 0918909..0000000
--- a/testing/tnccs-20-pdp-pt-tls/pretest.dat
+++ /dev/null
@@ -1,22 +0,0 @@
-alice::iptables-restore < /etc/iptables.rules
-carol::iptables-restore < /etc/iptables.rules
-dave::iptables-restore < /etc/iptables.rules
-alice::cat /etc/tnc_config
-carol::cat /etc/tnc_config
-carol::echo 0 > /proc/sys/net/ipv4/ip_forward
-dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
-dave::cat /etc/tnc_config
-alice::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql
-alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/pts/config.db
-alice::chgrp www-data /etc/pts/config.db; chmod g+w /etc/pts/config.db
-alice::service apache2 start
-alice::ipsec start
-alice::sleep 1
-winnetou::ip route add 10.1.0.0/16 via 192.168.0.1
-dave::ip route add 10.1.0.0/16 via 192.168.0.1
-dave::cat /etc/pts/options
-dave::ipsec pt-tls-client --optionsfrom /etc/pts/options
-carol::ip route add 10.1.0.0/16 via 192.168.0.1
-carol::cat /etc/pts/options
-carol::ipsec pt-tls-client --optionsfrom /etc/pts/options
-carol::sleep 1

diff --git a/testing/tnccs-20-pdp-pt-tls/test.conf b/testing/tnccs-20-pdp-pt-tls/test.conf
deleted file mode 100644 (file)
index 0887e4d..0000000
--- a/testing/tnccs-20-pdp-pt-tls/test.conf
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# guest instances used for this test
-
-# All guest instances that are required for this test
-#
-VIRTHOSTS="alice moon carol winnetou dave"
-
-# Corresponding block diagram
-#
-DIAGRAM="a-m-c-w-d.png"
-
-# Guest instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS="moon"
-
-# Guest instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="carol dave alice"
-
-# Guest instances on which FreeRadius is started
-#
-RADIUSHOSTS=
-